OPNsense adds new Wireguard routes

[Maxio]

As in the topic, OPNsense adds new Wireguard routes and therefore the entire system has no access to the internet, neither LAN, VLANS nor opnsense itself. From what I noticed, after removing two routes (img), everything returns to normal and you can connect to the VPN. Can someone tell me what is wrong? System was online for a long time and I noticed it only when I lost the connection after restarting

[Seimus]

Looks like RA?

Are you sure you did read the docs properly?

Cause in the Peer configuration allowed IPs:

Unique tunnel IP address (IPv4 and/or IPv6) of client - it should be a /32 or /128 (as applicable) within the subnet configured on the WireGuard Instance. For example, 10.10.10.2/32

You cant put 0/0 into peer configuration on OPNsense, this goes into the configuration on the APP site for the Client device.

Regards,
S.

[tiermutter]

Allowed IPs in peer config is misconfigured. This should be the clients IP,  not what the client is allowed to.

[tiermutter]

Since I am unable to do so:
Can someone raise a ticket on github, suggesting that the option in GUI and also description should be changed?
We have loads of threads about this...

[tiermutter]

https://forum.opnsense.org/index.php?topic=39938.msg195670#msg195670

[Maxio]

okay then it's my fault. Honestly, I didn't read the documentation carefully, I relied more on how i configured WG in the past. Thank you very much for help

[Patrick M. Hausen]

Since I am unable to do so:
Can someone raise a ticket on github, suggesting that the option in GUI and also description should be changed?
We have loads of threads about this...

Unfortunately these descriptions/names come from WireGuard, not from OPNsense. Naming them different from what other systems with WG use is a really bad idea, IMHO.

[tiermutter]

Sure, that's because I also suggested to leave original naming in addition. However, the description in GUI is not correct and needs a fix (if not already fixed).